Blog Posts Tagged: Online Fraud

Continued Expansion of The ThreatMetrix® Global Trust Intelligence Network Enables Businesses to Stop Fraud, Not Customers – in Real Time

San Jose, CA – March 3, 2015 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced that its ThreatMetrix® Global Trust Intelligence Network (The Network) now analyzes and protects more than one billion mobile and Web-based transactions per month. Transaction volume is expected to continue growing and by the end of 2015, ThreatMetrix expects to analyze more than 15 billion total transactions. This volume is greater than the annual number of e-commerce transactions from the world’s largest e-commerce markets or the world’s biggest payment networks.1 The Network enables businesses to seamlessly differentiate between trusted consumers and potential cybercriminals. This prevents hundreds of millions of dollars in fraud losses globally, without impacting the customer experience for legitimate users.

“One of the biggest drivers of our network’s growth is the rapid adoption of ThreatMetrix mobile solutions,” said Andreas Baumhof, chief technology officer, ThreatMetrix. “We continue to see strong demand from customers looking to extend protection to their mobile applications. Users connect to businesses both via mobile apps and browsers, so it’s critical to protect both channels through a single solution that delivers seamless authentication across devices and provides high levels of fraud protection.

“Of the one billion transactions analyzed monthly by ThreatMetrix, more than 250 million were from mobile devices from more than 200 countries,” said Baumhof. “This is a testament to the reach of The Network and we expect this growth to continue as many of the world’s most valued companies and brands protect their applications using the ThreatMetrix solution. We are seeing more than 20 million new mobile deployments each month representing more than 25 percent of the total new devices being added to our network, making us one of the largest mobile security providers. It is, however, critical for us to provide a true cross-channel solution that delivers an integrated risk assessment across all connected devices – a capability that has proven to be invaluable for our customers.”

Growth of ThreatMetrix’s mobile solution further enhances the value of The Network. By creating an anonymized digital identity of consumers based on device, persona and behavior from every interaction (account origination, login and access, and purchase) and comparing it in real time to previous activity, ThreatMetrix customers can accurately identify their customers from cybercriminals – regardless of channel.

“Cybercrime is not a fight that can be won individually and many businesses are realizing the benefits of using an anonymized network to assess consumers’ digital identities in order to differentiate between trusted consumers and cybercriminals without adding friction,” said Alisdair Faulkner, chief products officer ThreatMetrix. “ThreatMetrix’s single, integrated solution is built on a common platform leveraging the shared intelligence of its network and offers the benefits of predictive analytics to protect businesses and reduce customer friction while delivering solutions specific to the device and channel. The ThreatMetrix mobile solution extends the network’s value by adding a deep understanding of mobile devices.”

Use of mobile devices to access banking and commerce applications is growing globally. Consumers from emerging economies show higher percentages of mobile transactions than developed economies. However, devices from these countries are more susceptible to potential attacks driven by the proliferation of jailbroken or rooted devices.

“Utilizing ThreatMetrix’s extensive threat intelligence library to detect malware-altered applications or jailbroken or rooted (also known as compromised) devices provides businesses an accurate predictor of the risk level associated with any mobile device,” said Faulkner.

The ThreatMetrix mobile solution can benefit businesses by:

Understanding users and associated devices – ThreatMetrix enables businesses to understand users and devices by leveraging threat intelligence from The Network, including whether a device has previously accessed the account it’s logging into, what type of behavior was associated with a device previously, and more.

Effective fraud intelligence without in-house expertise – ThreatMetrix detects mobile-based malware and identifies devices that have been jailbroken or rooted and provides a vast library of digital identities, negating the need for in-house experts.

Ensuring application integrity – Cybercriminals can easily integrate malware and scrape credentials through keylogging to access a business app or website with false credentials, exposing businesses to brand and reputation risk. ThreatMetrix can detect if a protected application is in a pure state and was not tampered with prior to allowing communication with a business’ infrastructure.

Faulkner will present on the ThreatMetrix mobile solution at Mobile World Congress, the world’s leading mobile event, March 2-5 in Barcelona. The conference features more than 250 speakers, including leaders of mobile operators, infrastructure providers, device makers and Internet companies.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

Using The Network, ThreatMetrix® expects to analyze more than 15 billion total transactions by the end of this year. This volume is greater than the annual number of e-commerce transactions from the world’s largest e-commerce markets or the world’s biggest payment networks. These calculations are based on projected 2015 ThreatMetrix transactions and the annual projected e-commerce volume for U.S., China and global payment networks.

“One of the biggest drivers of our network’s growth is the rapid adoption of ThreatMetrix mobile solutions. We continue to see strong demand from customers looking to extend protection to their mobile applications. Users connect to businesses both via mobile apps and browsers, so it’s critical to protect both channels through a single solution that delivers seamless authentication across devices and provides high levels of fraud protection.

“Of the one billion transactions analyzed monthly by ThreatMetrix, more than 250 million were from mobile devices from more than 200 countries,” said Baumhof. “This is a testament to the reach of The Network and we expect this growth to continue as many of the world’s most valued companies and brands protect their applications using the ThreatMetrix solution. We are seeing more than 20 million new mobile deployments each month representing more than 25 percent of the total new devices being added to our network, making us one of the largest mobile security providers. It is, however, critical for us to provide a true cross-channel solution that delivers an integrated risk assessment across all connected devices – a capability that has proven to be invaluable for our customers.”

Value of The Network increases as The Network grows

By creating an anonymized digital identity of consumers based on device, persona and behavior from every interaction (account origination, login and access, and purchase) and comparing it in real time to previous activity, ThreatMetrix clients can accurately identify their customers from cybercriminals – regardless of the channel. And the greater the number of transactions analyzed, the better the intelligence.

“Cybercrime is not a fight that can be won individually and many businesses are realizing the benefits of using an anonymized network to assess consumers’ digital identities in order to differentiate between trusted consumers and cybercriminals without adding friction.

“ThreatMetrix’s single, integrated solution is built on a common platform leveraging the shared intelligence of its network and offers the benefits of predictive analytics to protect businesses and reduce customer friction while delivering solutions specific to the device and channel. The ThreatMetrix mobile solution extends the network’s value by adding a deep understanding of mobile devices.”

The threat from mobile devices from accessing banking and commerce apps

Consumers from emerging economies show higher percentages of mobile transactions than developed economies. However, devices from these countries are more susceptible to potential attacks driven by the proliferation of jailbroken or rooted devices.

“Utilizing ThreatMetrix’s extensive threat intelligence library to detect malware-altered applications or jailbroken or rooted (also known as compromised) devices provides businesses an accurate predictor of the risk level associated with any mobile device,” said Faulkner.

ThreatMetrix’s mobile solution benefits businesses by:

Understanding users and associated devices – ThreatMetrix enables businesses to understand users and devices by leveraging threat intelligence from The Network, including whether a device has previously accessed the account it’s logging into, what type of behavior was associated with a device previously, and more.

Effective fraud intelligence without in-house expertise – ThreatMetrix detects mobile-based malware and identifies devices that have been jailbroken or rooted and provides a vast library of digital identities without the need for in-house experts.

Ensuring application integrity – Cybercriminals can easily integrate malware and scrape credentials through keylogging. Accessing a business app or website with false credentials, they can put a business’s brand and reputation at risk. ThreatMetrix can detect if a protected application has not been tampered with prior to allowing communication with a business’ infrastructure.

Faulkner will present on the ThreatMetrix mobile solution at Mobile World Congress, the world’s leading mobile event, March 2-5 in Barcelona. The conference features more than 250 speakers, including leaders of mobile operators, infrastructure providers, device makers and Internet companies.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

Though Florida was not named as one of the states hardest hit by the Anthem breach, it is one where a class-action suit was filed on behalf of Florida customers of Indiana-based Anthem. As they say at Orlando’s Walt Disney World, “It’s a small world after all.”

Two representative plaintiffs, David and Maria Haag, live in the Orlando area. Their case is being handled by lead attorney John Yanchunis of Morgan & Morgan, who said he didn’t yet know how many Floridians may have been affected by the breach.

In a story on orlandosentinel.com, Paul Brinkmann describes the background of the suit against the nation’s second largest healthcare insurance company which administers health plans offered by Blue Cross and Blue Shield. The following has been excerpted from Brinkmann’s story and edited to fit our format. You may find the full article by clicking on this link.

Lead attorney experienced with data breaches

Yanchunis is also involved in suing over data breaches at Target and Home Depot. “I believe this is the most significant data breach yet,” Yanchunis said of the Anthem data breach.

Anthem data not encrypted

There is no law that such data [such as that collected by Anthem] must be encrypted, and some companies decline to encrypt the data so that it is more accessible.

Suit charges Anthem negligent in protecting data

The new Orlando lawsuit alleges that Anthem was negligent in not protecting the data more. Yanchunis said encrypting data is expensive, but data breaches are more expensive. The stolen data include[d] names, dates of birth, social security numbers, health care ID numbers, home addresses, email addresses, and income data [of 80 million customers]. [Anthem didn’t] believe credit card information was taken.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

The latest statistics published by the European Central Bank reveal that card-not-present (CNP) fraud is on the rise accounting for 60% of all fraud losses on cards issued in the European Union. To address the problem, Europol’s European Cybercrime Centre (EC3) has launched several investigations.

An article on eurasiareview.com (link to article) quotes the head of the European Cybercrime Centre, Troels Oerting, who said, “The criminal networks involved in this sophisticated electronic payment crime have been taken down as a result of many months of hard work by police officers and prosecutors in the European Union. Through the international cooperation of law enforcement authorities, the European Commission and Europol, as well as cooperation with the financial industry, European customers’ payment transactions are safer. We continue our fight against this crime. The criminals continue to develop new methods for stealing our identities, money and ideas online, and we have to continue and further develop operations like Sandpiper and Skynet. [Skynet is the codename of a new EU-funded project. Just launched, it focuses on international cooperation to combat online CNP fraud. Six EU Member States are involved.]”

A joint EU effort

According to the eurasiareview.com story, Europol’s information and analysis systems are used to exchange and cross-check the intelligence received from member states.

One element is a program called MasterCard Safety Net. The company claims … that Safety Net “provides an independent layer of security on top of the tools and policies of financial institutions, by monitoring and blocking specific transactions based on selected criteria.”

The company promises, “Safety Net is designed to intervene only in extreme cases to block fraudulent activity.”

Biometrics

The other half of MasterCard’s strategy is biometrics. The company is pairing with First Tech Federal Credit Union to work on a pilot program that will allow customers to use unique identifiers — including face, fingerprint, and voice matching — to authenticate and verify transactions.

EMV transition going well

MasterCard reports that the transition is “well underway”, with half of all cards and just under half (47%) of all point-of-sale terminals projected to be chip-enabled by the end of 2015.

Visa takes a different approach that works like Apple Pay

Where MasterCard is focusing on making the customer prove a charge is authorized, Visa is working on scrambling information that might be stolen, so [that thieves can’t use it.].

[Called] the Visa Token Service, [it] works in basically the same way Apple Pay does (in fact, it’s part of Apple Pay): instead of transmitting your 16-digit card number, expiration date, and security code, Visa instead shares a unique number — your token — with the merchant getting paid.

If someone intercepts the transmission or the system and manages to yank that token, all they have is a string of numbers. It’s not a thing that can be cloned onto a new payment card or used in any meaningful way.

Beyond mobile

What’s new about it is that Visa is trying to expand the Token Service out of just mobile payments, and into traditional online retailers as well. When your credit card is stored on the site of a merchant you regularly shop with, that’s a weakness: anyone who breaches that database has…everything they need to commit fraud on your card. But if the merchant stores a random token in your account information, instead of your credit card number, that data once again becomes meaningless to thieves even while it remains convenient to consumers.

Alisdair Faulkner, Chief Products Officer, to Participate in a Panel on Strategies for Combatting Payment Fraud Using Enhanced Tools and Technology

San Jose, CA – February 25, 2015 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced it is speaking and exhibiting at the BAI Payments Connect Conference, March 2-4 at Phoenix Convention Center West Building in Phoenix, Ariz.

BAI Payments Connect Conference is a one-of-a-kind event that focuses on helping companies keep pace with and adapt to today’s fast-track complex payments space. More than 700 innovative payments professionals and solution providers will converge to focus on current issues, challenges and opportunities in the payments space. Participants can attend expos, demo sessions and the second-annual digital day, which will focus on how to take a business into the digital world. This year, attendees will have the opportunity to vote for their favorite, most innovative demo presentation, and the organization with the most votes will be the BAI Payments Innovation Track Award winner.

”Payments professionals work solely in the transfer of money, meaning their business is one of the biggest targets for cybercriminals,” said Faulkner. “Unfortunately, many businesses within the industry rely on security solutions that create friction by authenticating returning customers and failing to recognize them based on minor changes in their environment – such clearing their cookies or changing browsers, for example. At the BAI Conference, attendees will learn about ThreatMetrix’s context-based authentication capabilities, which offer secure, cost effective and frictionless user access for the payments industry through real-time behavior and contextual analytics derived from analyzing billions of global transactions.”

ThreatMetrix recently began an initiative to offer alternatives to outdated authentication solutions for banks and financial institutions that includes solutions for financial services institutions to provide frictionless customer logins that decrease operational costs and improve cybercrime detection. The goal of many online and mobile banking institutions is to ensure a top-notch customer experience and increase revenue. ThreatMetrix’s growing shared global intelligence network delivers secure, accurate authentication in real time to reduce user friction and ensure a high-level of customer satisfaction.

“The payments industry is booming right now, mobile transactions are doubling year over year and our focus is to support this growth with transparent fraud solutions that don’t interfere with business,” said Faulkner. “ThreatMetrix is committed to rapid evolution in order to keep pace with the industry by leveraging a collective approach to cybersecurity to combat payment fraud. I am very excited to discuss the growth and success of our global shared network with BAI attendees at this year’s conference.”

ThreatMetrix authenticates customer payments using real-time identity and access analytics that leverage the power of the ThreatMetrix® Global Trust Intelligence Network (The Network), the world’s largest shared intelligence network. The solution protects financial Web and mobile applications against account takeover, payment fraud, and fraudulent account registrations as a result of stolen credentials obtained from malware, social engineering, phishing and data breaches.

For more information on the BAI Payments Connect Conference, click here.

ThreatMetrix Resources

Share this news on Twitter: .@ThreatMetrix to exhibit & CPO to discuss how #banking institutions can combat fraud at #BAIConference http://goo.gl/o6scHr

More than 700 payments professionals and solution providers will attend BAI Payments Connect 2015 from March 2-4 at Phoenix Convention Center West Building in Phoenix, Arizona. A one-of-a-kind event concentrating on current issues in the payments space, BAI Payments Connect provides the opportunity to attend expos, panel discussions and demo sessions. In addition attendees can take part in the second-annual digital day, focusing on how to take a business into the digital world.

The most innovative demo

This year, attendees can cast their vote for their favorite, most innovative demo presentation. And the organization with the most votes will be the BAI Payments Innovation Track Award winner.

ThreatMetrix will be exhibiting its context-based security solutions at booth 301 offering an opportunity for attendees to view the company’s alternatives to outdated legacy-based customer authentication solutions.

Joined by other noted security experts, Alisdair Faulkner will participate in a panel discussion on Tuesday, March 3 from 9:45 a.m. – 10:45 a.m. MST in room 106A. As noted in the headline, the discussion is about “Combatting Payment Fraud through Enhanced Tools and Technology.”

”Payments professionals work solely in the transfer of money, meaning their business is one of the biggest targets for cybercriminals,” said Faulkner. “Unfortunately, many businesses within the industry rely on security solutions that create friction by authenticating returning customers and failing to recognize them based on minor changes in their environment – such clearing their cookies or changing browsers, for example. At the BAI Conference, attendees will learn about ThreatMetrix’s context-based authentication capabilities, which offer secure, cost effective and frictionless user access for the payments industry through real-time behavior and contextual analytics derived from analyzing billions of global transactions.”

Shared global intelligence

ThreatMetrix’s growing shared global intelligence network delivers secure, accurate authentication in real time to reduce user friction and ensure a high-level of customer satisfaction. ThreatMetrix is able to authenticate customer payments using real-time identity and access analytics that leverage the power of the ThreatMetrix Global Trust Intelligence Network (The Network), the world’s largest shared intelligence network. The solution protects financial Web and mobile applications against account takeover, payment fraud, and fraudulent account registrations as a result of stolen credentials obtained from malware, social engineering, phishing and data breaches.

Faulkner on ThreatMetrix solutions for the payments industry

“The payments industry is booming right now, mobile transactions are doubling year over year and our focus is to support this growth with transparent fraud solutions that don’t interfere business,” said Faulkner. “ThreatMetrix is committed to rapid evolution in order to keep pace with the industry by leveraging a collective approach to cybersecurity to combat payment fraud. I am very excited to discuss the growth and success of our global shared network with BAI attendees at this year’s conference.”

For more information on the BAI Payments Connect Conference, click here.

Research conducted by PayPal in conjunction with market research firm, Ipsos, found that from 2013 to 2016, the multi-country average CAGR for mCommerce is projected to be 42 percent as opposed to 13 percent for eCommerce (including mobile commerce).

An article on thepaypers.com reports on the PayPal-Ipsos study which examined the mobile commerce habits of 17,600 consumers in 22 countries. The following has been excerpted from thepaypers.com piece and edited to fit our format. You may find the full article by clicking on this link.

From 1 percent in 2011 to 20 percent in 2015

Mobile payment volume has grown significantly from 2011. Currently, mobile accounts for 20% of its overall purchase volume worldwide, from 1% in 2011. In the US, mobile commerce is anticipated to grow from USD 54.6 million in 2014 to USD 96.3 million in 2016. Compared to the roughly 9% – 11% y-o-y increase in ecommerce, m-commerce in the US has a projected growth rate of 26% to 32% each year through 2016. Globally, mobile commerce is estimated to grow from roughly USD 102 billion in 2013 to roughly USD 291 billion in 2016.

mCommerce: rapidly growing in popularity around the globe

In the UAE, mobile shopping makes up for 24% of overall online spending. In China, that number is 21% and Turkey is in the third place, at 19%. In terms of smartphone-shopping density, more than 68% of Chinese online consumers said they have used their mobile devices to make purchases on a smartphone in 2014. The number is only slightly lower for UAE shoppers, at 57%, and 53% for Turkish consumers. In the US, 31% of consumers report that they have used their smartphones to shop in the past 12 months.

18-34 demographic

Overall, a third of online shoppers surveyed said they have used their smartphone for making an online purchase in the past 12 months. The increase in mobile shopping is being driven by smartphone shoppers between the ages of 18-34 (59% of smartphone shoppers in that age bracket reported using mobile to shop online). When comparing individual companies to the overall global average of 33%, the US figures report 31%, placing the US behind the UK (33%), France (36%), Spain (34%), Switzerland (32%), Russia (34%), Israel (37%), Turkey (53%), Ukraine (57%), Brazil (34%), Mexico (46%), Australia (33%) and China (68%).

Apps vs. browsers

Globally, 64% of smartphone users reported using an app for purchases as opposed to the 52% who used mobile browsers. The reasons cited for that are convenience and speed. Convenience was cited by 35% of users and speed by 30%. Instant payment confirmation and having a reminder in the app to use discounts or coupons were two other major reasons cited by those surveyed.

In terms of actual mobile shopping behaviors today, 36% of consumers say they use mobile to get info on a product, 27% use mobile to find a business and 25% use devices to read reviews on particular stores or products. But consumers revealed that, in the future, they are interested in using their smartphones for more mobile-centric tasks. For example, consumers said that they would be interested in using tap and pay at the register with their smartphone (16%), mobile ordering through app or browser (15%), and to compare prices while shopping in stores (14%).

Mobile Device Fraud Makes Up a Disproportionate Share of the $6 Billion Fraud Costs Merchants and Card Issuers in the U.S. Each Year

Forrester Research says mobile payments accounted for $52 billion worth of U.S. transactions in 2014, up from $32 billion in 2013. And this year that number is expected to hit $67 billion.

A LexisNexis survey of 1,100 companies found that while mobile payments account for 14 percent of transactions among merchants, they make up 21 percent of fraud cases. In her story on bloomberg.com, Olga Kharif details how cyberthieves have continued to shift their focus to mobile devices. The following has been excerpted from her piece and edited to fit our format. You may find her complete article by clicking on this link.

More mobile fraud than on PCs

“We certainly see a surge in mobile payment attacks,” says Tomer Barel, chief risk officer at PayPal, who says his company deals with more cases of fraud on mobile devices than on PCs. “There are many more avenues for fraudsters to try.”

Every dollar of mobile fraud costs merchants $3.34

Each dollar worth of misbegotten mobile payments winds up costing a fooled merchant $3.34. That’s slightly more than the cost of a fraudulent credit card swipe or mail order, 27 percent more than a similar payment made from a PC.

Merchants aren’t equipped to handle mobile fraud

Along with the cost of lost merchandise, the total includes investigation of the fraud. That’s tougher on phones than on PCs, because many businesses aren’t equipped to track mobile devices’ unique identifiers such as IP addresses. Stores often don’t catch when a card issued in Los Angeles is used for a mobile order from Mexico, says Aaron Press, director of e-commerce and payments at LexisNexis Risk Solutions. “It’s kind of a wake-up call,” he says.

Lower-tech fraud

Some mobile fraud remains low-tech. Last year, the Better Business Bureau warned consumers about a scam in which people posted absurdly cheap offers for used cars online, then tricked interested buyers into wiring funds through a phony version of Google Wallet.

Higher-tech fraud

Other frauds are more technical, such as the hackers who found a bug in a Chilean public transportation app that let them top off their travel credits for free.

The weak link

Like the brief flurry of duplicate charges that accompanied Apple Pay’s debut in October, such glitches highlight the vulnerability inherent in a system that requires banks, card networks, and software makers to keep pace with thieves. “If you don’t make the proper investment, they’ll be attracted to the weakest link,” says PayPal’s Barel.

Biometrics may stop some cybercriminals

Smartphone operating systems, at least, are tougher to infiltrate than those of PCs. Phones with biometric sensors can also make a person’s identity tougher to steal. Mobile payment service LoopPay says it’s adding support for biometric features such as Apple’s fingerprint reader, despite hackers’ claims that they can fool the iPhone’s sensor. Rival CurrentC says it’s considering similar measures….

“There’s no perfect system,” says Will Graylin, chief executive officer of LoopPay. “It’s always a game of cat and mouse.”

The 12 Worst Scams the Internal Revenue Service Warns Taxpayers to Be Wary of This Tax Season

What do you want to be when you grow up? At one time or other that question’s been asked of everyone who’s ever grown up, Peter Pan being the exception. But, no one to our knowledge has ever answered, “A tax collector.” Face it. Tax collectors are not the most popular members of any civilized society. After all, they take our hard-earned money and, in return, give us…well…nothing. That is until a few years ago when the Internal Revenue Service began telling us about the worst scams to look out for at tax time. The following has been excerpted from the IRS news release on 2014’s Dirty Dozen and edited to fit our format. You may find the complete news release by clicking on this link.

Identity theft

Tax fraud through the use of identity theft tops this year’s Dirty Dozen list.

The IRS has a special section on IRS.gov dedicated to identity theft issues, including YouTube videos, tips for taxpayers and an assistance guide. For victims, the information includes how to contact the IRS Identity Protection Specialized Unit.

Taxpayers who believe they are at risk of identity theft due to lost or stolen personal information should contact the IRS immediately so the agency can take action to secure their tax account. Taxpayers can call the IRS Identity Protection Specialized Unit at 800-908-4490. More information can be found on the special identity protection page.

Pervasive telephone scams

The IRS has seen a recent increase in local phone scams across the country, with callers pretending to be from the IRS in hopes of stealing money or identities from victims. These phone scams include many variations, ranging from instances where callers say the victims owe money or are entitled to a huge refund. Some calls can threaten arrest and threaten a driver’s license revocation. Sometimes these calls are paired with follow-up calls from people saying they are from the local police department or the state motor vehicle department.

Characteristics of these scams can include:

Scammers use fake names and IRS badge numbers. They generally use common names and surnames to identify themselves.

Scammers may be able to recite the last four digits of a victim’s Social Security Number.

Scammers “spoof” or imitate the IRS toll-free number on caller ID to make it appear that it’s the IRS calling.

Scammers sometimes send bogus IRS emails to some victims to support their bogus calls.

Victims hear background noise of other calls being conducted to mimic a call site.

After threatening victims with jail time or a driver’s license revocation, scammers hang up and others soon call back pretending to be from the local police or DMV, and the caller ID supports their claim.

In another variation, one sophisticated phone scam has targeted taxpayers, including recent immigrants, throughout the country. Victims are told they owe money to the IRS and it must be paid promptly through a pre-loaded debit card or wire transfer. If the victim refuses to cooperate, they are then threatened with arrest, deportation or suspension of a business or driver’s license. In many cases, the caller becomes hostile and insulting.

If you know you owe taxes or you think you might owe taxes, call the IRS at 800-829-1040. The IRS employees at that line can help you with a payment issue – if there really is such an issue.

If you know you don’t owe taxes or have no reason to think that you owe any taxes (for example, you’ve never received a bill or the caller made some bogus threats as described above), then call and report the incident to the Treasury Inspector General for Tax Administration at 800-366-4484.

If you’ve been targeted by these scams, you should also contact the Federal Trade Commission and use their “FTC Complaint Assistant” at FTC.gov. Please add “IRS Telephone Scam” to the comments of your complaint.

Phishing

If you receive an unsolicited email that appears to be from either the IRS or an organization closely linked to the IRS, such as the Electronic Federal Tax Payment System (EFTPS), report it by sending it to phishing@irs.gov.

[The] IRS does not initiate contact with taxpayers by email to request personal or financial information. This includes any type of electronic communication, such as text messages and social media channels.

False promises of “free money” from inflated refunds

Scam artists routinely pose as tax preparers during tax time, luring victims in by promising large federal tax refunds or refunds that people never dreamed they were due in the first place.

Scammers build false hope by duping people into making claims for fictitious rebates, benefits or tax credits. They charge good money for very bad advice. Or worse, they file a false return in a person’s name and that person never knows that a refund was paid.

Scam artists also victimize people with a filing requirement and due a refund by promising inflated refunds based on fictitious Social Security benefits and false claims for education credits, the Earned Income Tax Credit (EITC), or the American Opportunity Tax Credit, among others.

[Victims] of scam frequently are not given a copy of what was filed. Victims also report that the fraudulent refund is deposited into the scammer’s bank account. The scammers deduct a large “fee” before cutting a check to the victim, a practice not used by legitimate tax preparers.

Honest return preparers generally: ask for proof of income and eligibility for credits and deductions; sign returns as the preparer; enter their IRS Preparer Tax Identification Number (PTIN); provide the taxpayer a copy of the return.

Return preparer fraud

About 60 percent of taxpayers will use tax professionals this year to prepare their tax returns. [The] IRS wants to remind all taxpayers that they should use only preparers who sign the returns they prepare and enter their IRS Preparer Tax Identification Numbers (PTINs).

For tips about choosing a preparer, details on preparer qualifications and information on how and when to make a complaint, view IRS Fact Sheet 2014-5, IRS Offers Advice on How to Choose a Tax Preparer.

IRS.gov has general information on reporting tax fraud. More specifically, you report abusive tax preparers to the IRS on Form 14157, Complaint: Tax Return Preparer. Download Form 14157 and fill it out or order by mail at 800-TAX FORM (800-829-3676). The form includes a return address.

Hiding income offshore

Over the years, numerous individuals have been identified as evading U.S. taxes by hiding income in offshore banks, brokerage accounts or nominee entities and then using debit cards, credit cards or wire transfers to access the funds. Others have employed foreign trusts, employee-leasing schemes, private annuities or insurance plans for the same purpose.

At the beginning of 2012, the IRS reopened the Offshore Voluntary Disclosure Program (OVDP) following continued strong interest from taxpayers and tax practitioners after the closure of the 2011 and 2009 programs. The IRS works on a wide range of international tax issues with DOJ to pursue criminal prosecution of international tax evasion. This program will be open for an indefinite period until otherwise announced.

Impersonation of charitable organizations

Following major disasters, it’s common for scam artists to impersonate charities to get money or private information from well-intentioned taxpayers. Scam artists can use a variety of tactics. Some scammers operating bogus charities may contact people by telephone or email to solicit money or financial information. They may even directly contact disaster victims and claim to be working for or on behalf of the IRS to help the victims file casualty loss claims and get tax refunds.

They may attempt to get personal financial information or Social Security numbers that can be used to steal the victims’ identities or financial resources. Bogus websites may solicit funds for disaster victims. The IRS cautions both victims of natural disasters and people wishing to make charitable donations to avoid scam artists by following these tips:

To help disaster victims, donate to recognized charities.

Be wary of charities with names that are similar to familiar or nationally known organizations. Some phony charities use names or websites that sound or look like those of respected, legitimate organizations. IRS.gov has a search feature, Exempt Organizations Select Check, which allows people to find legitimate, qualified charities to which donations may be tax-deductible.

Don’t give out personal financial information, such as Social Security numbers or credit card and bank account numbers and passwords, to anyone who solicits a contribution from you. Scam artists may use this information to steal your identity and money.

Don’t give or send cash. For security and tax record purposes, contribute by check or credit card or another way that provides documentation of the gift.

False income, expenses or exemptions

Another scam involves inflating or including income on a tax return that was never earned, either as wages or as self-employment income in order to maximize refundable credits.

Frivolous arguments

Promoters of frivolous schemes encourage taxpayers to make unreasonable and outlandish claims to avoid paying the taxes they owe. The IRS has a list of frivolous tax arguments that taxpayers should avoid. These arguments are wrong and have been thrown out of court. While taxpayers have the right to contest their tax liabilities in court, no one has the right to disobey the law or disregard their responsibility to pay taxes.

Taxpayers who rely on frivolous arguments and schemes may also face criminal prosecution for attempting to evade or defeat tax.

Falsely claiming zero wages or using false form 1099

Filing a phony information return is an illegal way to lower the amount of taxes an individual owes. Typically, a Form 4852 (Substitute Form W-2) or a “corrected” Form 1099 is used as a way to improperly reduce taxable income to zero. The taxpayer may also submit a statement rebutting wages and taxes reported by a payer to the IRS.

Sometimes, fraudsters even include an explanation on their Form 4852 that cites statutory language on the definition of wages or may include some reference to a paying company that refuses to issue a corrected Form W-2 for fear of IRS retaliation. Taxpayers should resist any temptation to participate in any variations of this scheme. Filing this type of return may result in a $5,000 penalty.

Some people also attempt fraud using false Form 1099 refund claims. In some cases, individuals have made refund claims based on the bogus theory that the federal government maintains secret accounts for U.S. citizens and that taxpayers can gain access to the accounts by issuing 1099-OID forms to the IRS. In this ongoing scam, the perpetrator files a fake information return, such as a Form 1099 Original Issue Discount (OID), to justify a false refund claim on a corresponding tax return.

Abusive tax structures

Abusive tax schemes have evolved from simple structuring of abusive domestic and foreign trust arrangements into sophisticated strategies that take advantage of the financial secrecy laws of some foreign jurisdictions and the availability of credit/debit cards issued from offshore financial institutions.

What is an abusive scheme? The Abusive Tax Schemes program encompasses violations of the Internal Revenue Code (IRC) and related statutes where multiple flow-through entities are used as an integral part of the taxpayer’s scheme to evade taxes. These schemes are characterized by the use of Limited Liability Companies (LLCs), Limited Liability Partnerships (LLPs), International Business Companies (IBCs), foreign financial accounts, offshore credit/debit cards and other similar instruments. The schemes are usually complex involving multi-layer transactions for the purpose of concealing the true nature and ownership of the taxable income and/or assets.

Form over substance are the most important words to remember before buying into any arrangements that promise to “eliminate” or “substantially reduce” your tax liability.

Misuse of trusts

Trusts also commonly show up in abusive tax structures. [Unscrupulous] promoters continue to urge taxpayers to transfer large amounts of assets into trusts. These assets include not only cash and investments, but also successful on-going businesses. There are legitimate uses of trusts in tax and estate planning, but the IRS commonly sees highly questionable transactions. These transactions promise reduced taxable income, inflated deductions for personal expenses, the reduction or elimination of self-employment taxes and reduced estate or gift transfer taxes. These transactions commonly arise when taxpayers are transferring wealth from one generation to another. Questionable trusts rarely deliver the tax benefits promised and are used primarily as a means of avoiding income tax liability and hiding assets from creditors, including the IRS.

Subscribe

Share

Tags

From The Blog

The ThreatMetrix Global Trust Intelligence Network’s Expansion Means More Businesses Stopping Fraud in Real Time without Customer Friction ThreatMetrix’s Global Trust Intelligence Network (The Network) enables businesses to seamlessly differentiate between trusted consumers and potential cybercriminals. This prevents hundreds of millions of dollars in fraud losses globally, without impacting the customer experience for legitimate users. 15 billion transactions analyzed by end of 2015 Using The Network, ThreatMetrix® expects to analyze more than 15 billion total transactions by the end of this year. This volume is…

Real-Time Web Fraud Map

See Real-time Cybercrime Prevention.
The ThreatMetrix™ Web Fraud Map shows you cyberthreats as they happen.